Total Pages : 264 pages
Book Synopsis: Static Analysis of JavaScript Programs for Bug Detection
Static Analysis of JavaScript Programs for Bug Detection was released in 2017 and has 264 pages in total. Available in PDF, EPUB and Kindle.

Book excerpt: JavaScript is an object-oriented language that was originally developed to make web pages more attractive. Gradually, its features became a good fit for non-browser applications. For a developer, JavaScript might not be the first choice of language. It supports first-class functions, meaning that a function can appear anywhere one might normally pass values or objects. JavaScript allows the code to be dynamically evaluated through the eval function. Most of all, it is dynamically typed, which means that a variable can change types during a program execution. The above-mentioned JavaScript features make it flexible to use but also open doors to many vulnerabilities and programming errors. Although a lot of effort has been dedicated to the design and implementation of JavaScript static analyzers, a lot remains to be done. Tools to aid developers are still at an early stage. Those include editor support such as auto-completion and debugging as well as static analysis for code quality and bug detection. A type error in JavaScript occurs when calling a non-function value as a function or accessing or updating a property of null/undefined. Unlike other programming errors like reading an absent property of an object, a type error can cause a program to crash or malfunction. Motivated by the severity of type errors, we proposed solutions to enhance static analyzers detecting type errors. We introduced an extended domain of intervals to improve the precision of existing static analyzers. That extended domain of intervals was used in an existing static analyzer called JSAI [47] and was able to reduce the number of false positives by 39% [81].
With JavaScript numbers following the IEEE-754 standard, we later redesigned the extended domain of intervals to conform to the standard with IEEE-754 floating-point bounds and were able to further improve the precision in some benchmark programs [82]. Following this, we introduced a range assertion language for JavaScript programs. Unlike Java, JavaScript does not support assertions and developers have to write their own assertion functions. The range assertion language was motivated by the fact that, when accessing a non-existent index in an array in JavaScript, the arrayIndexOutOfBound exception is not thrown. Instead, the array access operation fails silently and an undefined value is returned. It is important to track such silent errors because the returned value that is undefined could cause some type errors in the remaining execution of a program. The range assertions are automatically checked during the execution of a program. Our evaluation reported one confirmed violation in seven benchmark programs analyzed. Following the range assertions, we proposed a novel abstract string domain for static conventionality analysis of JavaScript arrays. A JavaScript array object is just like any other kind of object except that it has a length property that is automatically updated. A conventional array is an array that does not have properties other than indices and length. Do JavaScript programmers use arrays conventionally just like in other object-oriented languages? Do they use arrays like regular objects? We proposed a static conventionality analysis for JavaScript to help us to find answers to these questions. Conventionality analysis can be useful for program understanding and optimization. Our experiments on a set of 98 benchmark programs show that arrays are used in a conventional way in 95% of the benchmark programs. This thesis ends with a summary of the main contributions and discusses future work and research directions.